Security Hints: Email phishing and spoofing

Phishing – obtaining financial or other confidential information from internet users, typically by sending an email that looks as if it is from a legitimate organization (often a financial organization), but contains a link to a fake website that replicates the real one.

Spoofing – is the creation of email messages with a forged sender address.  It is a tactic used in phishing and spam campaigns as recipients of emails are more likely to open an email when they think it has been sent by a legitimate source.

10 Hints to spot spoofed emails:

  • The use of poor spelling and grammar
  • Unexpected email attachments
  • Missing or old company logos
  • Sudden requests for personal information
  • Sudden requests for a payment to be made
  • Generic email subject or greeting
  • Suspicious links in emails
  • Amazing offers (to good to be true)
  • Unexpected prizes
  • Unexpected inheritances (often foreign)

Don’t open supplied links and never disclose personal information and PIN numbers – contact the organization to verify information through publicly available numbers or addresses – not via numbers and addresses supplied in the phishing email itself!